Foresight News reports that the Balancer community has recently proposed a plan to allocate funds recovered from the recent hacking incident. In the $116 million theft, approximately $28 million has been recovered by white-hat hackers, internal rescue teams, and the Ethereum liquid staking platform StakeWise.
However, the proposal only covers the $8 million recovered by white-hat hackers and internal rescue teams. The nearly $20 million recovered by StakeWise will be distributed separately to its users.
01 Incident Review: Major Hack and Fund Recovery
On November 3, the Balancer protocol suffered a severe blow. A rounding error vulnerability hidden in a V2 pool was exploited by hackers, who manipulated batch swaps across seven chains to steal $128 million.
Ethereum took the biggest hit, losing $99 million, followed by Base, Polygon, Arbitrum, and other ecosystem chains.
This exploit stemmed from a smart contract flaw and marked the third major security incident for Balancer.
Total Value Locked (TVL) plummeted from around $775 million to $258 million, while the value of the BAL token dropped by about 30%.
02 Fund Recovery: $28 Million Saved
Not all funds were lost in this serious security breach.
White-hat hackers, internal rescue personnel, and the Ethereum liquid staking platform StakeWise teamed up to recover approximately $28 million.
The recovered funds are divided into three parts:
- $8 million recovered by white-hat hackers and internal rescue teams
- $19.7 million in osETH and osGNO recovered by StakeWise
- $4.1 million recovered internally in collaboration with Certora, which, due to prior agreements, does not qualify for bounty rewards
03 Distribution Plan: Principle of Non-Socialized Compensation
The proposal recommends that all compensation follow a non-socialized distribution model.
This means funds will be returned only to the liquidity pools that actually suffered losses, and distributed proportionally to holders based on their share of Balancer Pool Tokens (BPT) in those pools.
Victims will receive compensation equivalent to the value of their lost tokens, helping to avoid mismatches between different digital asset values.
This approach ensures a fair principle: "Funds are returned to the pools that were hacked, with no collective sharing."
04 White-Hat Rewards and Claims Mechanism
The proposal includes a structured reward for white-hat hackers and compensates users based on asset snapshot data from the time of the exploit.
This aligns with the "Safe Harbor Agreement," which sets a bounty cap of $1 million per incident and requires white-hat hackers to complete comprehensive KYC and sanctions screening.
Notably, several anonymous rescuers on Arbitrum have declined to claim their bounty rewards.
The recovered tokens span Ethereum, Polygon, Base, and Arbitrum networks. Liquidity providers will be compensated in the original tokens they supplied, proportionally by pool.
A claims mechanism is currently in development. If the proposal passes, users will need to accept updated terms of service.
05 Community Response and Discussion
The Balancer community has actively discussed the proposal.
Some members noted, "This distribution method is quite thoughtful—avoiding collective sharing is definitely a plus," while others expressed concern: "Handling $8 million and $20 million separately might get complicated."
Another user commented, "Each pool is responsible for itself? That logic makes sense—at least there won’t be endless arguments."
While the distribution plan has gained some approval, some users still pointed out, "Why argue over how to split $28 million? Why not just refund based on loss proportion, instead of holding meetings to discuss?"
06 Background and Impact: The Road to DeFi Security
This incident ranks as the second-largest DeFi hack of 2025, with ecosystem-wide losses now exceeding $2.2 billion.
Ironically, Balancer had undergone 11 audits and was still compromised. This highlights the double-edged nature of composability: when a base protocol has a bug, the entire stack is at risk.
The real damage is reflected in TVL. In just 48 hours, Balancer’s total value locked crashed from $443 million to $186 million—a 58% drop.
Combined with the previous long-term decline (down $1.1 billion since January), this hack was the final straw.
07 V3 Architecture and Future Outlook
During this incident, Balancer V3 pools remained completely unaffected, demonstrating the robustness of the new architecture.
The BAL token stabilized after a 6% drop, and the market still has confidence in the protocol’s long-term recovery. The team is pushing forward with an aggressive V3 migration plan.
This event also serves as a reminder of the systemic risks in DeFi. When a base protocol is vulnerable, the entire ecosystem feels the impact.
Looking Ahead
Balancer’s fund allocation proposal sets a new precedent for handling security incidents in DeFi. The non-socialized distribution principle ensures fairness, while the white-hat reward mechanism encourages cybersecurity professionals to participate in fund recovery.
Although $8 million represents only a small fraction of the total losses, this transparent and orderly distribution process will help restore community trust and pave the way for Balancer’s V3 migration and future growth.
